github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2026-04-05 06:35:26 +00:00
Code Issues Projects Releases Wiki Activity

Enforce content trust with trust key and yaml subkeys for image and org

Browse Source 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
This commit is contained in:
Riyaz Faizullabhoy
2017-04-07 15:36:43 -07:00
parent 799879d76d
commit 68d8788e3b
3 changed files with 44 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/cmd/moby/docker.go
View File

@@ -236,13 +236,18 @@ func dockerRm(container string) error {
return nil
}
func dockerPull(image string) error {
func dockerPull(image string, trustedPull bool) error {
log.Debugf("docker pull: %s", image)
docker, err := exec.LookPath("docker")
if err != nil {
return errors.New("Docker does not seem to be installed")
}
args := []string{"pull", image}
var args = []string{"pull"}
if trustedPull {
log.Debugf("pulling %s with content trust", image)
args = append(args, "--disable-content-trust=false")
}
args = append(args, image)
cmd := exec.Command(docker, args...)
stderrPipe, err := cmd.StderrPipe()
@@ -294,7 +299,7 @@ func dockerInspectImage(cli *client.Client, image string) (types.ImageInspect, e
inspect, _, err := cli.ImageInspectWithRaw(context.Background(), image, false)
if err != nil {
if client.IsErrImageNotFound(err) {
pullErr := dockerPull(image)
pullErr := dockerPull(image, false)
if pullErr != nil {
return types.ImageInspect{}, pullErr
}